Last week saw the revelation that our WiFi networks aren’t quite as safe as we thought they were. What is now known as a KRACK attack (Key Reinstallation AttaCK), was revealed last week and has gained quite a lot of attention. So what is a KRACK attack and what can we do to protect ourselves from it?
A KRACK attack can defeat the WPA2 protocol to access our once secure WiFi networks. The bad news is that all routers that use WPA2 security, which is most of them, are vulnerable. The good news is that the attacker has to be within WiFi range of your router to work the attack and many router manufacturers have already released, or are in the process or releasing, patches to fix the vulnerability.
Protect your WiFi network from KRACK attacks
There are a few key things you can do to protect yourself from the KRACK attack.
Update your router firmware
Log into your router and look for the firmware update settings. Set it to automatic if there is such a setting and select Update. Allow the router to download and install any updates and reboot.
Update your devices
While KRACK predominantly attacks router authentication, devices need protection too. Windows 10 has already been updated with a security fix and likely other device OS will have too. Linux and Android are particularly vulnerable so make sure all of your devices are up to date and running the latest versions of all software.
Use a VPN
WPA2 uses encryption to secure your data and it is this encryption that KRACK can circumvent. Using a VPN further encrypts your data within WPA2. A VPN creates a virtual tunnel over your internet connection that secures traffic between your computer and the VPN server. That includes your router. It sees there is traffic but cannot access it so if it is hacked, the hacker cannot access your data.
Until all routers and devices have been secured against KRACK, I would suggest running all your traffic through a VPN. This has the side effect of securing all of your data and online activity from prying eyes. Given how data is viewed as a commodity now and we have less and less power over our own information, I always use a VPN.
VPNs are not totally secure either but they are our best option right now and will certainly help secure you against KRACK attacks.
You could take other steps if you are truly worried, such as using Ethernet or cell data instead of WiFi and turning off any IoT devices you may have. I personally would consider this a step too far but that is entirely up to you!